Cloud and Datacenter Management Blog

Microsoft Hybrid Cloud blogsite about Management


Leave a comment

#WindowsAdminCenter – Installing Windows Server version 20H2 Core Build 10.0.19042 #Winserv #HybridIT #Azure

Windows Admin Center Hyper-V Host

Simplify server management

Manage all your server environments with familiar yet modernized tools, such as the reimagined Server Manager and streamlined MMC tools, from a single, browser-based, graphical user interface. Admins can manage Windows Server instances anywhere: on-premises, in Azure, or in any cloud.

Operate hybrid seamlessly

Extend on-premises deployments of Windows Server to the cloud by using the Azure hybrid services found in Windows Admin Center. Use Azure for:

  • Backup and disaster recovery
  • Additional capacity for compute, file servers and storage
  • Centralized management for monitoring, threat protection and update management

You can download Windows Admin Center here

In the following steps we will install Windows Server Core 20H2 version Build 10.0.19042 via Windows Admin Center on my Hyper-V Host called Starship01.mvplab.cloud.
I have Windows Admin Center already running for my MVPLAB with a Windows Server 2019 Hypervisor host. From here I will install a New Windows Server Core 20H2 Machine.

Click in the Left toolbar on Virtual Machines 
and then on Add New

Deployment settings for the New Virtual Machine.

Here we set the following settings :

  • Virtual Machine Name
  • Generation VM ( gen 2 is recommended )
  • The path of the VM settings and Disk
  • Virtual Processors
  • a mark for nested virtualization ( for the Hyper-V feature )
  • Memory
  • Network / Virtual Switch
  • Storage

 

When you Add Storage you can select also the new ISO file for Installation.

I changed the Size of the Operating Disk from 127GB to 50GB
And I selected the path to the Windows Server Core 20H2 ISO.
Then Click on Create.

Windows Admin Center will create the Virtual Machine really fast.

Now the Window Virtual Machine Dark20H2 is created by Windows Admin Center on the Hyper-V Host, we can do the Windows Server Core 20H2 Installation by starting the Virtual Machine.

Before you Start running the VM, have a look at the settings

If you want you can set more Security features here.
You can set Encryption and Security Policy.

Start the Virtual Machine here for Installation of Windows Server Core 20H2
( The ISO is connected )

Installation of Windows Server Core 20H2 version Build 10.0.19042

The virtual Machine is running and now we can connect it via Windows Admin Center to do the installation of Windows Server.

Click on Connect

Use your Windows Admin Center account and mark
for the certificate. Then Click on Connect

Here we see the Console for the Windows Server Installation.

Install Now.

The Windows Server Core 20H2 is Installed.

Of course you can now configure the Machine via SConfig.exe, I only gave the Server name and a static IP address with DNS.

Via Windows Admin Center ( Manage) you can add the Machine to the domain.

Add the Server to the domain with your account and Click on Join

Server will Restart, Click on Yes

Dark20H2 Joined the Domain MVPLAB.CLOUD Successfully

 Adding the Windows Server Core 20H2 to Windows Admin Center

Add Dark20H2.mvplab.cloud to Windows Admin Center.

Of course I want to manage the server with Windows Admin Center and use all the tools I need to securely manage this Server.

Windows Server Core 20H2 in Windows Admin Center.

First thing what I do in my MVPLAB is Windows Updates.

December Updates for Windows Server Core 20H2

Updates Installed Successfully 🙂

Azure Hybrid Services

Azure Hybrid Services

You can extend on-premises deployments of Windows Server to the cloud by using Azure hybrid services. These cloud services provide an array of useful functions, both for extending on-premises into Azure, and for centrally managing from Azure. Think of :

  • Azure Backup Services
  • Azure Monitoring Services
  • Disaster Recovery
  • Azure File Sync Services
  • Azure Security Center / Azure Defender Services

Here you find more information about Azure Hybrid Services

Conclusion

Windows Admin Center is a must have when you have to manage Windows Server Core versions, you don’t have to worry about all the Commands of Windows Server Core. With Windows Admin Center it becomes easy to do the complete installation of the server and this include also all features of Windows Server Core 202H2 Build 10.0.19042. It becomes really powerful when you use it in a Hybrid way by connecting to Microsoft Azure Cloud Services. Earlier I wrote a blogpost about Windows Admin Center and Azure Security Center

I Hope this is useful for you, and start your journey with Windows Admin Center & Windows Server Core versions 😉

JOIN the Windows Admin Center Community Group on LinkedIn


Leave a comment

What’s New in Azure Security Center! #ASC #Security #Azure #SecOps #SIEM

What’s New in Azure Security Center

Security Center is in active development and receives improvements on an ongoing basis. To stay up to date with the most recent developments, this page provides you with information about new features, bug fixes, and deprecated functionality.

November 2020

Updates in November include:

Azure Defender

Microsoft Azure Defender Dashboard

Azure Security Center’s features cover the two broad pillars of cloud security:

  • Cloud security posture management (CSPM) – Security Center is available for free to all Azure users. The free experience includes CSPM features such as secure score, detection of security misconfigurations in your Azure machines, asset inventory, and more. Use these CSPM features to strengthen your hybrid cloud posture and track compliance with the built-in policies.
  • Cloud workload protection (CWP) – Security Center’s integrated cloud workload protection platform (CWPP), Azure Defender, brings advanced, intelligent, protection of your Azure and hybrid resources and workloads. Enabling Azure Defender brings a range of additional security features as described on this page. In addition to the built-in policies, when you’ve enabled any Azure Defender plan, you can add custom policies and initiatives. You can add regulatory standards – such as NIST and Azure CIS – as well as the Azure Security Benchmark for a truly customized view of your compliance.

Here you can read about Microsoft Azure Defender on Docs.

Additional threat protections in Azure Security Center

Microsoft Azure Security Center Team is working hard on additional threat protections for :

  • Threat protection for Azure Network Layer
  • Threat protection for Azure Resource Manager ( Preview)
  • Threat Protection for Azure Cosmos DB ( Preview)
  • Threat Protection for Azure WAF
  • Threat Protection for Azure DDoS Protection

More information about additional Threat protections here on Docs.

What is Azure Sentinel?

Microsoft Azure Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response.

Read here more about Microsoft Azure Sentinel

Who to follow on Social Media for Azure Security Center

On twitter you have to follow Principal Program Manager at Microsoft C+AI Security Yuri Diogenes : @yuridiogenes

On YouTube you can subscribe to Azure Security Center in the Field ( #ascinthefield) YouTube

Microsoft Azure Security Center Website

Microsoft Azure Sentinel Website

On Microsoft Tech Community platform : Become an Azure Security Ninja

On LinkedIn JOIN the Microsoft Azure Monitor & Security for Hybrid IT Community Group

 


Leave a comment

Azure Arc Security remediation on Azure Stack HCI Cluster #Azure #Security #ASC #AzureStackHCI

Azure ARC Services

Microsoft Azure Arc enables you to manage your entire environment, with a single pane of glass, by projecting your existing resources into Azure Resource Manager. You can now manage virtual machines, Kubernetes clusters, and databases as if they are running in Azure. Regardless of where they live, you can use familiar Azure services and management capabilities. Azure Arc enables you to continue using traditional ITOps, while introducing DevOps practices to support new cloud native patterns in your environment.

IT Management with Azure ARC

With Microsoft Windows Admin Center I Build a Microsoft Azure Stack HCI Cluster and the Nodes are connected with Azure Arc Services. In the following steps you will see a security feature of Microsoft Azure Arc Services with remediation of the Risks on the Azure Stack HCI Cluster On-premises.

Azure Arc Security Remediation

Here you see the Azure Arc Servers with Azure Stack HCI

On Skywalker01 Node we have two Security Risks

When you click on the risk, you see the description and the remediation steps to solve this risk issue. Here you can also see the remediation script:

Automatic Remediation Script. 

Select the Azure workspace ID and when you don’t have one you can Create new Workspace in Azure.
Select the resource, in my case Skywalker01
Click on remediate resource.

Remediation in progress

The Microsoft Azure Monitor Agent extension in Azure Arc is successfully installed.

Done.

I did the same for Skywalker02 Azure Stack HCI Cluster Node.

The Next Medium Risk is a Vulnerability assessment on the Azure Stack HCI Cluster nodes. Just follow the steps of the wizard.

Azure Arc Security Vulnerability Assessment with Azure Defender

Click on remediate.

This one will use Qualys in Azure Defender.

Click on remediate resource.

The vulnerability scanner included with Azure Security Center is powered by Qualys. Qualys’ scanner is one of the leading tools for real-time identification of vulnerabilities. It’s only available with Azure Defender for servers. You don’t need a Qualys license or even a Qualys account – everything’s handled seamlessly inside Security Center.

Here you find more information about Azure Defender’s integrated vulnerability assessment solution for Azure and hybrid machines

Azure Arc Insights Monitor

Azure Arc Insights of the Azure Stack HCI Cluster Node

Because we have installed the Microsoft Azure Monitor extension in Azure Arc on this Azure Stack HCI Node Server, telemetry and analytics will do his job for Monitoring in Azure and data will be collected. In Azure maps you see the connectivity of the Server.

 

Here you can see the Fired Alerts by severity and Investigate 🙂

You can monitor the Traffic

Here you find more information about Insights and Maps for your Servers

Conclusion

Here you see the power of Hybrid IT management via Microsoft Azure Arc services and get Azure Cloud services for your On-premises Servers. You have the Free Microsoft Windows Admin Center Tool and integration with Azure Arc for all the innovative tools like Azure Monitor, Azure Security Center, Azure Defender, Update management and more. I hope you see the benefits too, Get started Today !

JOIN the Microsoft Azure Monitor & Security for Hybrid IT Community

 


Leave a comment

Windows Admin Center with Azure Security Center integration #ASC #WindowsAdminCenter #Winserv #Azure

Windows Admin Center for Hybrid IT Management

As an Administrator, I like to work with Microsoft Windows Admin Center, It’s a locally deployed, browser-based app for managing Windows servers, clusters, hyper-converged infrastructure, as well as Windows 10 PCs. You can download Windows Admin Center here and use it for Free in your Production environment. What is Windows Admin Center? What are my benefits? Here you see Windows Admin Center Architecture how it works.

Windows Admin Center Architecture.

So you can use Windows Admin Center everywhere, you can Install it on a Server on-premises without any internet connections, or in a hybrid way with a internet connection for Cloud
services integrations like Azure Backup, Azure Security Center, Azure Monitor or Azure File Sync and to manage your Virtual Machines in the Cloud.
Microsoft is now busy with Windows Admin Center in the Azure Portal in Preview to manage your Hybrid Datacenter. Here you find a blogpost about it in the Microsoft Tech Community.

Manage Internet Access in Windows Admin Center.

Datacenter Administrators want to manage Windows Servers in an Easy way but it must be secure. Microsoft has some user access options for using Windows Admin Center.
The one I like most is Microsoft Azure MFA (Two-Factor-Authentication) on your Windows Admin Center environment. Here you find more information about User Access WAC.

Choose the right Windows Admin Center installation for your environment:

Windows Admin Center Installation types.
These are Production Ready.

But don’t forget the Microsoft Windows Admin Center in the Azure Portal Preview :

Windows Admin Center in the Azure Portal Preview.

Windows Admin Center | Management | Azure Security Center Integration.

The Power of a Modern Management tool like Windows Admin Center is the Extensions feature to integrate with external Services like Azure Cloud Services, or third party vendors like Dell EMC or HP, Fujitsu, Data-On with great management solutions. An other example of a Windows Admin Center Extension are Containers. 

In the following steps you will see how easy it is to manage and integrate Azure Security Center into Windows Admin Center for your Servers.

When you have installed Windows Admin Center, you have to add your Microsoft Azure Subscription into WAC.

Azure Registration in Windows Admin Center.

In the upper right you have the settings icon of Windows Admin Center, from there you can select Azure and do the registration. What it will do is making a API with your Microsoft Azure subscription:

Here you see the Registration in Microsoft Azure.

When that is completed successfully, you can add the Microsoft Azure Services via Extensions in Settings. We are going to Select Azure Security Center.

Install the Microsoft Azure Security Center Extension.

From here you have installed the basics for your Servers, now the Microsoft Azure Security Center feature is added in the left management bar at each Server in Windows Admin Center.
Now we only have to register the Servers into Azure Security Center with Windows Admin Center.

Here you see my MVPLAB Machines.

I have two Azure Stack HCI virtual Machines and I like to know if they are secure. ( Skywalker01 and Skywalker02) I start with the Azure Security Center Installation on Skywalker01 VM.

Azure Stack HCI VM called Skywalker01.mvplab.cloud
Sign into Azure.

Select your Azure Subscription, Create or Use existing workspace.
Select Region, and Create or use existing Resource Group.
Click on Setup.

The Virtual Machine will be added to Azure Security Center.

From here it need some time to do the job with doing assessments, getting the metadata of the server with log analytics. Microsoft Azure Security Center will come with security recommendations like:

Here you can do a Quick Fix and do Remediation.

 

After a view minutes the Security issues are also coming into Windows Admin Center.

Here I get some Security advice in Windows Admin Center for Skywalker01 VM

Here you see the Power of the Azure Cloud with Log Analytics and the
Azure Security Center baselines for Skywalker01 Azure Stack HCI VM.

I forgot Skywalker02 VM to do the monthly security updates and that is a Security Risk too of course :

Skywalker02 Azure Stack HCI VM at High Security Risk.
(No updates)

Of course we have Windows Updates in Windows Admin Center, Just have to select and approve the updates for Skywalker02 to solve this high Risk issue.

Skywalker02 Azure Stack HCI VM Security Risk Solved 😉

Conclusion

In a Hybrid IT world today is Better Together my motto with Windows Admin Center and Microsoft Azure Security Center you have a Great solution. You can make your own Azure Security Center Baseline policy to deploy on your Windows Servers to make them more Secure. Get a High Security Score ! And don’t worry you can add all your Windows Servers into Windows Admin Center if they are on-premises or in the Cloud.
With Azure MFA Two-Factor access authentication, you make your Management tool Windows Admin Center more Secure for your environment. If you don’t use Windows Admin Center yet, start Today !

More Information :

Windows Admin Center on Twitter : @servermgmt

Windows Admin Center Docs 

Windows Admin Center Website

Follow The Windows Admin Center Blog on Microsoft Tech Community

Join the Windows Admin Center Community


Leave a comment

Manage Servers On-premises with Microsoft Azure Cloud Services #Azure #Arc #Security #Cloud #AzureMonitor #ASC

Microsoft Azure Arc Servers On-Premises and Azure Cloud Services

Earlier I wrote a blogpost about Microsoft Azure Arc services installation to manage on-premises Servers with Azure Cloud Services, like Azure Monitor and Azure Security Centre from the Cloud.
Here in this post you will see the Newest Microsoft Azure Cloud Services to Manage and Monitor your Servers on-premises with security and compliance included.

Azure Arc Extensions settings of the Server.

Here you can see we have installed the Microsoft Monitoring Agent for Azure Monitor and log analytics, second we have installed the dependency Agent for Windows for
insights, Performance and Service maps. Here you find more information about Virtual machine extension management with Azure Arc for servers (preview)  

After initial deployment of the Azure Arc for servers (preview) Connected Machine agent for Windows or Linux, you may need to reconfigure the agent, upgrade it, or remove it from the computer if it has reached the retirement stage in its lifecycle. You can easily manage these routine maintenance tasks manually or through automation, which reduces both operational error and expenses.

Managing and maintaining the Connected Machine agent

Azure Arc Insights Performance monitor

The Azure Arc Insights Performance monitor is there by default and installed with the following dashboards :

  • CPU Utilization
  • Available Memory
  • Logical disk IOPS
  • Logical disk MB/s
  • Logical disk Latency
  • Max logical disk used %
  • Bytes Sent Rate
  • Bytes Received Rate

Azure Arc Logs Analytics

Of course you can make your own custom Dashboards in the Azure Portal with your own triggers, so in this way you get the same Azure Monitor Innovative Tools for your On-Premises Servers. 😉

Within Microsoft Azure Arc Insights, you can also see a Service Map of the Server

Here is were the dependency agent comes in, you get a service map of the Server and see the communication lines with other resources. In this picture you see Server Yoda01 a Domain Controller of my MVPLAB.
You can see that there are three Clients are logged on the domain controller.

Microsoft Azure Security Center for Azure Arc Servers

 

One of the most powerful and important features of Microsoft Azure Cloud platform is Security! Microsoft Azure Security Center (ASC) is a unified infrastructure security management system that strengthens the security posture of your data centers, and provides advanced threat protection across your hybrid workloads in the cloud – whether they’re in Azure or not – as well as on premises.

Here you see my Azure Arc Servers (On-Premises) in Azure Security Center.

Azure Arc Server in Azure Security Center recommendations Summary

Five security assessments passed the test, but Azure Security assessment has two recommendations one is Medium Risk and one low.

Here you see the Security advise and the Remediation to take action on your Server.

Microsoft Azure Security Center Overview with the Overall Secure Score.

Security controls – Each control is a logical group of related security recommendations, and reflects your vulnerable attack surfaces. A control is a set of security recommendations, with instructions that help you implement those recommendations. Your score only improves when you remediate all of the recommendations for a single resource within a control.

To immediately see how well your organization is securing each individual attack surface, review the scores for each security control.

 Here you find More information about Azure Security Center Secure Score

To get your Azure Arc Servers (On-premises) complaint for the business and security, you can use Microsoft Azure Arc Policies

Azure Arc Policies to meet your Compliance state.

Conclusion

Microsoft is bringing Azure Cloud Power tools everywhere with Azure Arc Services to give you modern tools like Azure Monitor and Azure Security Center to keep you in control, Secure and Compliant for your business. Keep following Microsoft for Hybrid IT Management, because more awesome features are added every day in Microsoft Azure Cloud Services. Let’s start to get your Azure Security Score UP and UP 😉


Leave a comment

Microsoft Azure ARC for Hybrid Infrastructure Management #Cloud #Azure #Hybrid

Microsoft Azure ARC and Manage your Infrastructure

Azure Arc for servers (preview) allows you to manage your Windows and Linux machines hosted outside of Azure on your corporate network or other cloud provider, similarly to how you manage native Azure virtual machines. When a hybrid machine is connected to Azure, it becomes a connected machine and is treated as a resource in Azure.

Azure ARC

Generate a script to onboard target machine.
Read more here for connecting hybrid Machine.

Connect hybrid machines to Azure from the Azure portal

The latest Azure ARC 2020 Updates via Microsoft Mechanics with Travis Wright


Leave a comment

Windows Admin Center Rocks for Managing Hybrid DataCenters #WAC #Azure #Winserv

Microsoft Windows Admin Center for Hybrid IT Management

I really like to work with Microsoft Windows Admin Center for managing my Hybrid workloads Windows Servers in Azure Cloud Services but also our On-premises Servers on Hyper-V and VMware platform. Even our physical Windows Servers can be managed from Windows Admin Center.

You can extend on-premises deployments of Windows Server to the cloud by using Azure hybrid services. These cloud services provide an array of useful functions, including the following:

  • Protect virtual machines and use cloud-based backup and disaster recovery (HA/DR) with Azure Site Recovery.
  • Track what’s happening across your applications, network and infrastructure with the help of advanced analytics and machine learning in Azure Monitor.
  • Simplify network connectivity to Azure with Azure Network Adapter.
  • Keep virtual machines up to date with Azure Update Management.

Azure hybrid services work with Windows Servers in the following configurations:

I’m working with Windows Admin Center since day one, and you see the hybrid management tool evolving with great new features to make your life as an Administrator more easier. For example you get notifications when there are updates in extensions.

Notification details about update Extensions

When you click on the link “Go to Extensions” you will see the Extensions installed and the Updates which you can install from there.

Here you see an Azure Security Center Extension update.

There are not only Microsoft extensions, but also third party solution extensions and you could build your own extension for your solution. Here you find all the information about Windows Admin Center Extensions

Third Party Windows Admin Center Extensions

Installing a New extension is easy to do, the Azure Cloud Shell (Preview) was the last extension I installed in my Azure MVP Lab to work with. Azure Cloud Shell is an interactive, authenticated, browser-accessible shell for managing Azure resources. It provides the flexibility of choosing the shell experience that best suits the way you work, either Bash or PowerShell. Cloud Shell enables access to a browser-based command-line experience built with Azure management tasks in mind. So how does this look in Windows Admin Center?

Install the Azure Cloud Shell (Preview) Extension

You find the Installed Azure Cloud Shell in the pulldown menu of WAC

Copy your code here https://microsoft.com/devicelogin

You will see this screen when you copy-paste the code

When you go back to Windows Admin Center you will see you are connected with Azure Cloud Shell CLI 😉

Azure Cloud Shell in Windows Admin Center

from here you can manage all your Azure Cloud Services via the Azure Cloud Shell CLI with Bash or Powershell.
Here you find more about Microsoft Azure Cloud Shell tools and Features.

you can add an Azure Network Adapter to your on-premises servers to help you securely connect the server to an Azure Virtual Network.

Read more about adding Microsoft Azure Network Adapter (Preview) in the top 10 Features of Windows Server 2019. Nice link speed of 40 Gbps 😉

For Management of your Windows Servers you need some tools and consoles. Windows Admin Center is supporting you to get the Management consoles in one place to do your administration and updates.
The next tree Features are in Windows Admin Center to manage your Windows Server.

Powershell inside WAC of my Domain Controller

Windows PowerShell is a task-based command-line shell and scripting language designed especially for system administration. Built on the .NET Framework, Windows PowerShell helps IT professionals and power users control and automate the administration of the Windows operating system and applications that run on Windows.
Here you find more information about Windows Commands

Windows Update in Windows Admin Center.

Of course you need to update your Windows Servers, and what I like in WAC is that you get the information if an update needs a reboot before you click on Install Updates. This option is good for my Azure MVP Lab but when you need to update more then 100 Servers, you would do that centrally managed like with Update Management solution in Azure

Windows Remote Desktop in WAC

Remote Desktop is one of the Features of Windows Admin Center, to take over the desktop for installations of Applications for example.

Windows Admin Center got a lot more Features and Tools to Manage your Windows Servers in a Hybrid world.
Like these :

  • Storage
  • Security
  • System Insights
  • Scheduled Tasks
  • Installing Roles and Features of Windows Server
  • Registry
  • Processes running on your Windows Server
  • Managing and deploying Clusters
  • and much More………

You can install the following Resources to Manage with WAC

Windows Admin Center Overview

Conclusion:

Microsoft Windows Admin Center is the New Management tool for your Hybrid IT Management to Controle your Servers for your Business. It got all the Management consoles covered of Windows Servers to manage from one tool.
It’s easy to use and It keeps you Up-to-date of what is happening on your Windows Server but also what is New and updated. With Microsoft Windows Admin Center your are learning on the job and that’s what I Like 😉
Hope you will use Microsoft Windows Admin Center too for your Business, download it here for Free!


Leave a comment

Get Started with Microsoft #MSOMS Network Performance (Preview)

network-performance-monitor-preview

OMS Network Performance Monitor (Preview)

This blogpost describes how to set-up and use the Network Performance Monitor solution in OMS, which helps you monitor the performance of your networks-in near real-time-to detect and locate network performance bottlenecks. With the Network Performance Monitor solution, you can monitor the loss and latency between two networks, subnets or servers. Network Performance Monitor detects network issues like traffic blackholing, routing errors, and issues that conventional network monitoring methods are not able to detect. Network Performance Monitor generates alerts and notifies as and when a threshold is breached for a network link. These thresholds can be learned automatically by the system or you can configure them to use custom alert rules. Network Performance Monitor ensures timely detection of network performance issues and localizes the source of the problem to a particular network segment or device.+

You can detect network issues with the solution dashboard which displays summarized information about your network including recent network health events, unhealthy network links, and subnetwork links that are facing high packet loss and latency. You can drill-down into a network link to view the current health status of subnetwork links as well as node-to-node links. You can also view the historical trend of loss and latency at the network, subnetwork, and node-to-node level. You can detect transient network issues by viewing historical trend charts for packet loss and latency and locate network bottlenecks on a topology map. The interactive topology graph allows you to visualize the hop-by-hop network routes and determine the source of the problem. Like any other solutions, you can use Log Search for various analytics requirements to create custom reports based on the data collected by Network Performance Monitor.+

The solution uses synthetic transactions as a primary mechanism to detect network faults. So, you can use it without regard for a specific network device’s vendor or model. It works across on-premises, cloud (IaaS), and hybrid environments. The solution automatically discovers the network topology and various routes in your network.+

Typical network monitoring products focus on monitoring the network device (routers, switches etc.) health but do not provide insights into the actual quality of network connectivity between two points, which Network Performance Monitor does.

If you are new with Microsoft Operations Management Suite, you can download here a Free OMS Subscription Plan to try it your Self

oms-network-performance-2

When you have added the Microsoft OMS Network Performance Monitor (Preview) to your Dashboard you have to install OMS agents and configure them in an easy way to start the Network Performance solution and getting results.

  1. Install OMS Agents.
  2. Configure OMS Agents
  3. Create your Networks.

1. Install OMS Agents :

In order to work with OMS, OMS agents are required to be installed on all servers of interest.

NPM requires agents to be installed on at least 2 servers to monitor the connectivity between them. We recommend that for every subnet that you want to monitor, select two or more servers and install the agent on them. If you are unsure about the topology of your network, simply install the agents on critical workloads for which you want to monitor the network performance.

connected-resources

Here you can download your OMS Agent for your Server

If you are deploying using SCOM you should ignore step 1 and jump directly to step 2

Once the NPM solution is enabled on your OMS workspace the required management packs for NPM will automatically flow down to the machines that are connected to OMS via SCOM.

In case you want to connect SCOM with OMS but haven’t figured out how to do it yet, click on the link below.
oms-operations-manager-connectionHow to Connect SCOM to OMS

2. Configure OMS agents :

Firewall ports are required to be opened on the servers so that the agents can connect to each other.

Run the script without any parameters in a power shell window with administrative privileges. This script creates few registry keys required by NPM and creates windows firewall rules to allow agents to create TCP connections with each other

The port opened by default would be 8084. You have the option of using a custom port by providing the parameter ‘portNumber’ to the script. However, the same port should be used on all the machines where the script is executed.

Note that the script will configure only windows firewall locally. If you have a network firewall you should make sure that it is allowing traffic destined for the TCP port being used by NPM

network-powershell-script

Run the Powershell script as Administrator on your Servers.

3. Create your Networks :

A ‘Network’ in NPM is a container for a bunch of subnets. The Default network is the container for all the subnets that are not contained in any user defined network. In the most likely case the subnets in your organization will be arranged in more than one network and you should create one or more network to logically group your subnets.

You can create network with any name that meets your business requirements and add the subnets to the network.

Once you have saved the configuration for the first time, the solution will start collecting network data. The process usually takes a while. Once the data has been uploaded you should be able to see the solution dashboard with data and graphs. At this point the setup is complete and you can start using the solution

The OMS Performance Monitor Solution needs time to get the information of your network.

after-powershell-script

oms-network-performance-3

I have only one network in my lab environment

oms-network-performance-4

OMS Network Performance Monitor (Preview)

oms-network-performance-5

The issue here is that my switches are not IP V6 ready 😦

trends-in-schedule

After a view days analytics you can make your own custom view

oms-network-performance-7

Here you can plot network performance issues between two Servers

oms-network-performance-8

Everything is fine here 🙂

oms-network-performance-9

When something is wrong you can go directly to the View Node Logs.

oms-network-performance-10

OMS Log analytics results of your Server

When you have a large network with a lot of HOPS like switches and routers you can see where you have latency :

npm-investigation

The OMS NPM solution is still in preview but you can test it in your test environment to learn and get a better network by eliminating your network issues.
When you use the OMS Gateway on-premises you can connect your Servers to Operations Management Suite, here you
find my blogpost for the installation and configuration :

Hybrid IT Connect computers and devices to #MSOMS using the OMS Gateway

Hope this blogpost is useful for you to get your network in Control with Hybrid IT Management of OMS Services.

SCUG Banner


Leave a comment

What is Operations Management Suite (OMS)? Video #MSOMS #Azure #Sysctr #Linux

Gain control over any hybrid cloud. Manage and protect Azure or AWS, Windows Server or Linux, VMware or OpenStack with Microsoft cost-effective, all-in-one cloud IT management solution.

Try Microsoft Operations Management Suit today by Create a Free Account here

log-analytics-security-diagram

Here you find Microsoft OMS Technical Documentation OverviewSCUG Banner